Online services are subject to various threats. For example, a malicious entity may orchestrate a click fraud campaign by using a collection of software agents (commonly referred to as BOTs) to automatically click on advertisements. In another case, a malicious entity may perform a distributed denial of service (DDOS) attack by sending a large amount of bogus traffic to a service. In another case, a malicious entity may attempt to steal information from a service by repetitively attempting to exploit vulnerabilities in the service. In another case, a malicious entity may direct fake traffic to its own site for the purpose of elevating its ranking score in a search engine. These examples are cited by way of illustrative, not limitation; many other types of malicious activity are prevalent in today's network environments.
In some cases, an administrator of a service can manually correct or ameliorate the damage caused by an attack that has already occurred, once discovered. This approach, however, is neither efficient nor fully effective in all situations.